Google: 12 To 14 Million Searches Per Day Returned Hacked Sites

Google’s security blog announced today several updates on how they have been addressing malware and hacked sites on the internet.

Google said that between 12 and 14 million search queries per day return warnings that at least one of the results listed in the Google search results were compromised. Google has two types of labels for sites that were hacked, either they are listed as compromised or as harmful. The difference is that compromised sites are hacked and the content and links may have changed but they are likely not harmful to the searcher to click on them. The harmful warning is an extended warning that says if you go to the web site, your computer may be infected with malware.

Google finds about 9,500 new malicious websites every day and sends “thousands of notifications daily to webmasters.”

Hacked sites and malware in the search results are serious issue. In fact, USA Today has a story out yesterday named Search results may deliver tainted links. The story quotes a study from Blue Coat Security Lab that says users are four times as likely to be infected by compromised search results when compared to spam emails.

Google also does try to warn and prevent malware and other viruses through their browser, Chrome and through their Safe Browsing API that other browsers and companies can adopt. They even send thousands of notifications daily to Internet Service Providers about these issues.

Since 2009, the number of infected sites – legitimate websites that are compromised so they can deliver or redirect to malware is down. However the number of “attack” web sites – websites that are specifically built to distribute malware is up. Here are some charts from Google: